Introduction

On some networks users usually have desktop firewalls disabled.
Once you have Security Center enabled (Spiceworks polls Anti-Virus information from Security Center) users will see the red shield in the taskbar indicating the firewall is disabled.

With this ADMT Template the notification is disabled while still monitoring the Firewall status.

; the following command specifies the registry key to modify
KEYNAME "Software\Microsoft\Security Center"

; the following command specifies the name of the policy
; by using the variable "policyname"
POLICY !!policyname

; the following command specifies text on the Explain tab
EXPLAIN !!explaintext

; the following command creates a PART that contains a list box
PART !!labeltext DROPDOWNLIST REQUIRED

; the following statement specifies the registry value to modify
VALUENAME "FirewallDisableNotify"

; the following statement populates the drop down list
ITEMLIST
NAME !!DisableMonitoring VALUE NUMERIC 1 DEFAULT
NAME !!EnableMonitoring VALUE NUMERIC 0
END ITEMLIST
END PART
END POLICY
END CATEGORY; Security Center
END CATEGORY; Windows Components

Create a new GPO for this setting, or apply to an existing GPO

Select Add, and navigate to the .adm file.
Once added this ADM template will be copied to the SYSVOL folder.

As any other ADM templates you will want to copy the template to the management station's c:\windows\inf folder if you want to manage the settings.

3

Disable Filter "Only Show policy settings that can be fully managed"

Right-Click Administrative templates -> View -> Filtering

Uncheck "Only Show policy settings that can be fully managed"

4

Enable the new policy setting

Enable the setting "Disable Firewall Monitoring"

Conclusion

I found that often people have Security Center disabled in Domains to avoid Firewall Disabled notification.
The Spiceworks community will largely utilize Security Center for Anti-Virus detection and status monitoring.

I was jumping for joy when i found this script - i enabled the security center last week and all my users are complaining now (doesn't take much to confuse them!) Problem is, i try and import it onto a 2003 DC into GPM and get an error 62 on line 4 - saying it cannot find the variable in the strings section, referencing !!category. any ideas?

Edit* Did some playing with code. If I removed the variables and placed the values in it worked fine. So began to slowly add variables back in. Failed after the first on. Discovered a "space" after the closeing bracket on [strings]. Now the variables appear to work.